Six days before the White House scrubbed the signing ceremony for what would have been President Trump's first AI safety executive order, tech journalists Kevin Roose and Casey Newton told their Hard Fork podcast listeners that the administration's posture toward AI "just did not survive contact with reality" — a description that, in fairness to two of the more reliable narrators of AI policy shifts, turned out to be right about the collision and wrong about which side gave way. Roose and Newton identified the cause as Anthropic's then-unreleased Mythos model and the proposition that an unusually permissive disposition toward frontier-model risk would eventually be tested by a capability disclosure too significant to ignore. What they didn't anticipate, and what is now a feature of the episode, is that the collision would resolve in favor of the disposition rather than the capability.

The empirical fact in the background is worth highlighting. Anthropic announced Mythos on April 7 in what Scientific American described as a significant advance — the salient feature being not its benchmark performance but an offensive cybersecurity capacity significant enough that the lab withheld release and stood up Project Glasswing, a $100 million private-sector cyber-readiness coalition, in its place. Palo Alto Networks CEO Nikesh Arora, appearing as the Hard Fork guest the same week, framed the defender's side of the same disclosure in unusually direct terms:

"The time from somebody breaching an organization and being able to extract . . . crown jewels has been measured in days. With the emergence of AI, that time frame has shrunk down to minutes."

One would think that a frontier lab voluntarily announcing that its own model is too dangerous to ship, paired with a sitting Fortune-500 cybersecurity CEO describing a three-orders-of-magnitude compression in offensive timelines, would inspire a regulatory conversation. That isn't exactly what happened.

The proposed order itself is substantively modest: a voluntary pre-release model-sharing window of up to 90 days, a government-agency clearinghouse for critical-infrastructure vulnerabilities, and — expressly — no civil or criminal penalties, no licensing, and no preclearance. Voluntary frameworks of that description tend to be received as the floor of industry tolerance rather than the ceiling, which is what makes the notable feature of May 21's course-change the fact that even such a framework, designed in consultation with industry and unaccompanied by enforcement, did not survive Silicon Valley's objections. This was conveyed not publicly but by phone, in the hours before the scheduled signing, by former AI Czar David Sacks — with the President explaining the next morning that the order "gets in the way of — you know, we're leading China." Embedded in that response is a broader assumption that governance can itself become a competitive disadvantage if it slows domestic frontier-model development relative to geopolitical rivals. 

That framing is consistent with a longer pattern, in which Sacks characterized Anthropic's safety advocacy in October 2025 as "a sophisticated regulatory capture strategy based on fearmongering," and the April 30 administration action blocking an expansion of Project Glasswing. 

Consideration of the executive order is part of a wider debate regarding the appropriate thresholds for triggering regulatory scrutiny of frontier models, and the risk-reward calculus for imposing those thresholds. For example, some proposed regulatory triggers have focused on “cost-level” properties (i.e., thresholding based on the compute-related cost to develop a model, which could restrict regulatory attention to only capital-intensive models without focus on risk introduced by cheaper but still capable models); “model-level” properties (i.e., thresholding based on the model’s performance against benchmarks that involve identifying software vulnerabilities); and “impact-level” properties (i.e., thresholding based on the number of commercial users that may pose systemic risk) — all as detailed in the California Frontier AI Policy Report released in July 2025.

The upshot, for those deploying frontier-model-derived systems, is that federal AI safety regulation is on indefinite hold and the governance vacuum is being filled by other instruments — state law (California SB 53 the most mature in force), international scientific consensus (the International AI Safety Report 2026, chaired by Yoshua Bengio, observes a "growing mismatch between the speed of AI capability advances and the pace of governance," although the US did not endorse this report), insurance and contractual allocation of risk, and voluntary lab commitments of the kind Anthropic has continued to make.

The question Hard Fork posed six days before the ceremony — whether an empirical capability disclosure of Mythos's caliber would prompt the administration to adopt a binding posture on frontier-model safety — has, for the moment, been answered in the negative, notwithstanding that the empirical case for doing so has only grown clearer. The question is no longer whether frontier-model capabilities are outpacing governance capacity; by now, even leading labs and cybersecurity firms acknowledge as much. The more consequential question is whether the United States has concluded that maintaining strategic advantage matters more than constructing governance institutions before those systems become too indispensable to constrain in any meaningful way.

For questions about AI governance, regulatory exposure, or frontier-model deployment risk, please contact the Jones Walker Privacy, Data Strategy and Artificial Intelligence team. Stay tuned and subscribe for continued insights from the AI Law and Policy Navigator.